At least 200 US companies were hit by a major cyberattack just before the Fourth of July holiday kicked off.
Huntress Labs, a cyber-security firm, said the “colossal” ransomware attack occurred first at Kaseya, a Florida-based IT company, and then spread through the corporate networks that use its software, the BBC reported Saturday.
John Hammond of the company “Huntress Labs” suggested that what he called the Russian “REvil” gang was behind this attack.
Hammond added that the attackers targeted the cloud service provider Kaseya, which provides its services to a number of large and medium-sized companies.
Kaseya said a “small number” of firms had been impacted, but Huntress said it was about 200. Kaseya has a presence in over 10 countries and more than 10,000 customers.
The US Cybersecurity and Infrastructure Agency said in a statement that it was taking action to address the attack.
Ransomware is the scourge of the internet. Multiple organised criminal gangs are constantly attempting to gain access to computer networks to hold them hostage. The rate of attack is relentless but it can take a lot of time and effort on the criminals part to successfully hijack one victim’s computer system.
In this latest incident the hackers showed that by going after the software supplier of multiple organisations they can pop dozens, perhaps hundreds of victims in one go. We’ve seen horrendous supply chain attacks in the past but this one has the potential to be the biggest incident involving ransomware yet.
It shows that ransomware gangs are thinking creatively about how to have the most impact possible and command the biggest ransom possible.
US governmental and private websites and networks have been subjected to electronic attacks in the past months, and the United States has accused Russia of being responsible for them, which Moscow has denied.
Sources:
- https://us-cert.cisa.gov/ncas/current-activity/2021/07/02/kaseya-vsa-supply-chain-ransomware-attack